learing mode acls problem in grsec-1.9.8-rc2 & gradm-1.6

Submit your RBAC policies or suggest policy improvements

learing mode acls problem in grsec-1.9.8-rc2 & gradm-1.6

Postby piavka » Tue Dec 17, 2002 9:04 am

Below is the acl generated from learing mode for named. As you can see
some learning objects don't have any object modes. I know this probelm was present in older versions, wasn't it solved in grsec-1.9.8-rc2
or i might be doing something wrong? Thanks.
/usr/sbin/named o {
/usr/local/web/named/var/run/named.pid w
/usr/local/web/named/var/run
/usr/local/web/named/etc/localtime r
/usr/local/web/named/dev/random r
/usr/local/web/named/dev/null rw
/usr/local/web/named/conf r
/usr/local/web/named
/usr/local/lib
/usr/lib/libcrypto.so.0.9.6 rx
/usr/X11R6/lib
/sbin/modprobe x
...
}
piavka
 
Posts: 20
Joined: Tue Jul 02, 2002 10:03 am

Postby spender » Tue Dec 17, 2002 9:54 am

There's nothing wrong. That's correct. It simply means that there's viewing access to those files (meaning they're not hidden).

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to RBAC policy development